1. Field of the Invention
This invention relates to data encryption, and more particularly to an improved method and apparatus for data dependent encryption and decryption of data signals using a pseudorandom encoding sequence to provide increased security for transmitting data over public channels.
2. Description of the Background Art
Data encryption is a function that ensures the privacy of a digital communication by preventing an unauthorized receiver from understanding the contents of a transmitted message. A conventional "symmetric key" cryptosystem is generally illustrated in FIG. 1(a). An encoder transforms a plaintext data message into ciphertext using an invertible encryption transformation. This transformation is a function of the plaintext data input message and a secret key which is shared by both the encoder and the decoder. The ciphertext is then transmitted over an unsecured public channel, and the intended receiver of the message, also in possession of the secret key, applies the inverse transformation to decrypt the ciphertext and recover the original plaintext data message. The secret key is communicated to an authorized user through a secure channel (for example, a secure Key Exchange Algorithm) or a public channel (such as a Public Key Distribution System), and the key effectively dictates a specific encryption transformation from a family of cryptographic transformations. In general, any station in possession of the secret key may encrypt or decrypt messages.
A conventional cryptosystem can be said to exhibit "unconditional security" if the secret key is as long as the ciphertext message, each key is used only once, and all keys are equally likely. However, since most systems can be expected to transmit a large number of messages, the problem of distributing the key information becomes formidable. Most practical cryptosystems have short keys compared to the length of a message. The lessened security resulting from short keys is compensated for by relying on the complexity of the way that the key is combined with the data.
A particular example of a conventional cryptosystem, hereafter referred to as an electronic codebook, is generally illustrated in FIG. 1(b). The electronic codebook involves the use of a secret key that is shared by both the transmitter and the receiver. The transmitter utilizes the key to generate a deterministic, apparently random sequence of binary digits or numbers using a Pseudorandom Number (PN) generator. An essential feature of the PN generator is that with a specific key input, a unique PN sequence of arbitrary length may be generated. The PN sequence is then combined with the binary representation of the plaintext data message to be encrypted to produce a sequence of ciphertext. The combination of the PN sequence and the plaintext data must be accomplished using an invertible function. An invertible function is one that has a known inverse such that when the inverse function is applied to the ciphertext the original plaintext data can be extracted. For example, two's complement addition and bitwise exclusive-OR (XOR) are two widely used invertible functions, although other functions can be employed.
Decoding of the encrypted ciphertext may be performed by the receiver using a method identical to that used by the transmitter. Ciphertext is received from the transmitter and combined, using a logical XOR gate, with a pseudorandom sequence generated by a PN generator identical to that used in the transmitter. The essence of the electronic codebook system is that an encryption key is used to generate a pseudorandom sequence on the transmitter side, and the identical sequence is then generated in the receiver when the same encryption key is applied to the receiver PN generator. The XOR gate in the receiver provides the inverse function of the XOR gate in the transmitter, so that logical combination of the ciphertext and the PN sequence in the receiver produces the same plaintext data that was originally encoded by the transmitter.
The conventional cryptosystem poses a number of problems, including inefficiencies associated with using the key only once, and the accompanying challenge of distributing new keys over clear channels. A system for variable-overhead cached encryption addresses the high overhead that results from generating PN sequences that are used only once to maximize security for transmitting data over public use lines. The system provides a means for storing and reusing PN sequences in order to increase the transmission rate of messages through a cryptosystem.
What is needed is a codebook encryption scheme that is data dependent, where repeatedly reused random number sequences are intermixed with plaintext data in accordance with a method that removes the correlation between random number sequences, in order to provide a variable relationship between the plaintext data and encryption function.
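The electronic codebook of FIG. 1(b) and the cost of reusing a PN sequence, as an added example that is not part of the original document: a keyed PN generator is XORed with plaintext, the receiver inverts it with the same key, and two ciphertexts made with the same reused sequence are shown to XOR to the XOR of their plaintexts. The SHA-256 counter construction is a stand-in PN generator chosen for this example, and the key and messages are constructed sample values.

```python
import hashlib


def pn_sequence(key: bytes, length: int) -> bytes:
    """Deterministic PN sequence of arbitrary length for a given key.

    Stand-in generator (SHA-256 in counter mode); an assumption of this
    example, not the generator described in the document.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR, the invertible combining function."""
    if len(a) != len(b):
        raise ValueError("operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Transmitter side: plaintext XOR PN sequence."""
    return xor_bytes(plaintext, pn_sequence(key, len(plaintext)))


# XOR is its own inverse, so the receiver runs the identical operation.
decrypt = encrypt


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR of two ciphertexts built from the same PN sequence.

    The PN sequence cancels, leaving p1 XOR p2 without any key material.
    """
    n = min(len(c1), len(c2))
    return xor_bytes(c1[:n], c2[:n])


# Constructed sample values for the demonstration.
KEY = b"constructed-demo-key"
P1 = b"TRANSFER 100 TO ALICE"
P2 = b"TRANSFER 900 TO BOB.."

if __name__ == "__main__":
    c1, c2 = encrypt(KEY, P1), encrypt(KEY, P2)
    print("round trip ok:", decrypt(KEY, c1) == P1)
    print("c1 ^ c2 == p1 ^ p2:", reuse_leak(c1, c2) == xor_bytes(P1, P2))
```

Bytes where the two plaintexts agree come out as zero in `reuse_leak`, so the positions at which the messages differ are visible to anyone holding both ciphertexts.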